diff options
Diffstat (limited to 'vendor/github.com/minio/minio-go/v7/pkg/credentials')
7 files changed, 26 insertions, 36 deletions
diff --git a/vendor/github.com/minio/minio-go/v7/pkg/credentials/file_aws_credentials.go b/vendor/github.com/minio/minio-go/v7/pkg/credentials/file_aws_credentials.go index ccc8251f4..cbdcfe256 100644 --- a/vendor/github.com/minio/minio-go/v7/pkg/credentials/file_aws_credentials.go +++ b/vendor/github.com/minio/minio-go/v7/pkg/credentials/file_aws_credentials.go @@ -21,7 +21,6 @@ import ( "os" "path/filepath" - homedir "github.com/mitchellh/go-homedir" ini "gopkg.in/ini.v1" ) @@ -62,7 +61,7 @@ func (p *FileAWSCredentials) Retrieve() (Value, error) { if p.Filename == "" { p.Filename = os.Getenv("AWS_SHARED_CREDENTIALS_FILE") if p.Filename == "" { - homeDir, err := homedir.Dir() + homeDir, err := os.UserHomeDir() if err != nil { return Value{}, err } diff --git a/vendor/github.com/minio/minio-go/v7/pkg/credentials/file_minio_client.go b/vendor/github.com/minio/minio-go/v7/pkg/credentials/file_minio_client.go index dc3f3cc0b..56437edb2 100644 --- a/vendor/github.com/minio/minio-go/v7/pkg/credentials/file_minio_client.go +++ b/vendor/github.com/minio/minio-go/v7/pkg/credentials/file_minio_client.go @@ -24,7 +24,6 @@ import ( "runtime" jsoniter "github.com/json-iterator/go" - homedir "github.com/mitchellh/go-homedir" ) // A FileMinioClient retrieves credentials from the current user's home @@ -65,7 +64,7 @@ func (p *FileMinioClient) Retrieve() (Value, error) { if value, ok := os.LookupEnv("MINIO_SHARED_CREDENTIALS_FILE"); ok { p.Filename = value } else { - homeDir, err := homedir.Dir() + homeDir, err := os.UserHomeDir() if err != nil { return Value{}, err } diff --git a/vendor/github.com/minio/minio-go/v7/pkg/credentials/iam_aws.go b/vendor/github.com/minio/minio-go/v7/pkg/credentials/iam_aws.go index f7a4af4a2..14369cf10 100644 --- a/vendor/github.com/minio/minio-go/v7/pkg/credentials/iam_aws.go +++ b/vendor/github.com/minio/minio-go/v7/pkg/credentials/iam_aws.go @@ -289,7 +289,10 @@ func getCredentials(client *http.Client, endpoint string) (ec2RoleCredRespBody, } // https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-service.html - token, _ := fetchIMDSToken(client, endpoint) + token, err := fetchIMDSToken(client, endpoint) + if err != nil { + return ec2RoleCredRespBody{}, err + } // http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html u, err := getIAMRoleURL(endpoint) diff --git a/vendor/github.com/minio/minio-go/v7/pkg/credentials/sts_client_grants.go b/vendor/github.com/minio/minio-go/v7/pkg/credentials/sts_client_grants.go index 1f106ef72..34598bd8e 100644 --- a/vendor/github.com/minio/minio-go/v7/pkg/credentials/sts_client_grants.go +++ b/vendor/github.com/minio/minio-go/v7/pkg/credentials/sts_client_grants.go @@ -1,6 +1,6 @@ /* * MinIO Go Library for Amazon S3 Compatible Cloud Storage - * Copyright 2019 MinIO, Inc. + * Copyright 2019-2022 MinIO, Inc. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -25,6 +25,7 @@ import ( "io/ioutil" "net/http" "net/url" + "strings" "time" ) @@ -122,12 +123,14 @@ func getClientGrantsCredentials(clnt *http.Client, endpoint string, if err != nil { return AssumeRoleWithClientGrantsResponse{}, err } - u.RawQuery = v.Encode() - req, err := http.NewRequest(http.MethodPost, u.String(), nil) + req, err := http.NewRequest(http.MethodPost, u.String(), strings.NewReader(v.Encode())) if err != nil { return AssumeRoleWithClientGrantsResponse{}, err } + + req.Header.Set("Content-Type", "application/x-www-form-urlencoded") + resp, err := clnt.Do(req) if err != nil { return AssumeRoleWithClientGrantsResponse{}, err diff --git a/vendor/github.com/minio/minio-go/v7/pkg/credentials/sts_custom_identity.go b/vendor/github.com/minio/minio-go/v7/pkg/credentials/sts_custom_identity.go index ab588712c..e1f9ce4be 100644 --- a/vendor/github.com/minio/minio-go/v7/pkg/credentials/sts_custom_identity.go +++ b/vendor/github.com/minio/minio-go/v7/pkg/credentials/sts_custom_identity.go @@ -89,12 +89,12 @@ func (c *CustomTokenIdentity) Retrieve() (value Value, err error) { req, err := http.NewRequest(http.MethodPost, u.String(), nil) if err != nil { - return value, stripPassword(err) + return value, err } resp, err := c.Client.Do(req) if err != nil { - return value, stripPassword(err) + return value, err } defer resp.Body.Close() diff --git a/vendor/github.com/minio/minio-go/v7/pkg/credentials/sts_ldap_identity.go b/vendor/github.com/minio/minio-go/v7/pkg/credentials/sts_ldap_identity.go index 586995e86..25b45ecb0 100644 --- a/vendor/github.com/minio/minio-go/v7/pkg/credentials/sts_ldap_identity.go +++ b/vendor/github.com/minio/minio-go/v7/pkg/credentials/sts_ldap_identity.go @@ -1,6 +1,6 @@ /* * MinIO Go Library for Amazon S3 Compatible Cloud Storage - * Copyright 2019-2021 MinIO, Inc. + * Copyright 2019-2022 MinIO, Inc. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -24,6 +24,7 @@ import ( "io/ioutil" "net/http" "net/url" + "strings" "time" ) @@ -105,22 +106,6 @@ func LDAPIdentityExpiryOpt(d time.Duration) LDAPIdentityOpt { } } -func stripPassword(err error) error { - urlErr, ok := err.(*url.Error) - if ok { - u, _ := url.Parse(urlErr.URL) - if u == nil { - return urlErr - } - values := u.Query() - values.Set("LDAPPassword", "xxxxx") - u.RawQuery = values.Encode() - urlErr.URL = u.String() - return urlErr - } - return err -} - // NewLDAPIdentityWithSessionPolicy returns new credentials object that uses // LDAP Identity with a specified session policy. The `policy` parameter must be // a JSON string specifying the policy document. @@ -156,16 +141,16 @@ func (k *LDAPIdentity) Retrieve() (value Value, err error) { v.Set("DurationSeconds", fmt.Sprintf("%d", int(k.RequestedExpiry.Seconds()))) } - u.RawQuery = v.Encode() - - req, err := http.NewRequest(http.MethodPost, u.String(), nil) + req, err := http.NewRequest(http.MethodPost, u.String(), strings.NewReader(v.Encode())) if err != nil { - return value, stripPassword(err) + return value, err } + req.Header.Set("Content-Type", "application/x-www-form-urlencoded") + resp, err := k.Client.Do(req) if err != nil { - return value, stripPassword(err) + return value, err } defer resp.Body.Close() diff --git a/vendor/github.com/minio/minio-go/v7/pkg/credentials/sts_web_identity.go b/vendor/github.com/minio/minio-go/v7/pkg/credentials/sts_web_identity.go index 19bc3ddfc..50f5f1ce6 100644 --- a/vendor/github.com/minio/minio-go/v7/pkg/credentials/sts_web_identity.go +++ b/vendor/github.com/minio/minio-go/v7/pkg/credentials/sts_web_identity.go @@ -1,6 +1,6 @@ /* * MinIO Go Library for Amazon S3 Compatible Cloud Storage - * Copyright 2019 MinIO, Inc. + * Copyright 2019-2022 MinIO, Inc. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -26,6 +26,7 @@ import ( "net/http" "net/url" "strconv" + "strings" "time" ) @@ -139,13 +140,13 @@ func getWebIdentityCredentials(clnt *http.Client, endpoint, roleARN, roleSession return AssumeRoleWithWebIdentityResponse{}, err } - u.RawQuery = v.Encode() - - req, err := http.NewRequest(http.MethodPost, u.String(), nil) + req, err := http.NewRequest(http.MethodPost, u.String(), strings.NewReader(v.Encode())) if err != nil { return AssumeRoleWithWebIdentityResponse{}, err } + req.Header.Set("Content-Type", "application/x-www-form-urlencoded") + resp, err := clnt.Do(req) if err != nil { return AssumeRoleWithWebIdentityResponse{}, err |